Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer
File: dOW7m208x_jCmoO9yEkrllnw7hc.cer (raw, json)
Hash identifier: /uXxzw3gXyVbEFiWXPVpTeXBd3UXWD5hYo/vRDMZGHE=
Subject key identifier: 74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 4F06
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 30 Nov 2023 19:37:19 +0000
Certificate not after: Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources: IP: 47.8.0.0/15
IP: 47.11.0.0/16
IP: 47.15.0.0/16
IP: 47.29.0.0 -- 47.31.255.255
IP: 47.247.0.0/16
IP: 130.26.0.0/16
IP: 132.154.0.0/16
IP: 136.232.0.0/15
IP: 137.97.0.0/16
IP: 139.167.0.0/16
IP: 152.56.0.0/14
IP: 157.32.0.0 -- 157.51.255.255
IP: 169.149.0.0/16
IP: 205.253.0.0/16
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20230 (0x4f06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Nov 30 19:37:19 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=A91620E0/serialNumber=74E5BB9B6D3CC7F8C29A83BDC8492B9659F0EE17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:5e:6b:9c:d4:c7:61:15:fe:70:01:0a:ca:e2:
0b:05:dc:7a:84:01:33:d7:60:70:e1:23:29:0f:fb:
6e:d3:7c:d6:9f:ff:dd:64:92:52:11:7e:ae:6b:e1:
3f:5d:70:f9:3a:fb:85:60:8a:52:84:f1:ce:db:d9:
43:e7:bc:99:5d:16:98:1f:5e:5e:36:d3:23:fe:37:
fd:e7:76:d1:14:95:ca:87:eb:45:34:0d:3f:80:9a:
ce:32:8d:23:49:2e:ea:8e:7d:56:52:7b:30:dd:a9:
fa:4a:21:1d:5f:65:00:a7:c6:14:11:16:29:d7:f4:
50:eb:83:0a:0f:e4:d7:e5:a1:72:00:5b:f9:16:5f:
e7:f7:34:ce:23:5c:72:42:66:ae:60:be:0e:2f:34:
b3:f3:5d:20:47:95:2d:6f:7c:e5:0a:e1:c8:15:32:
17:5d:5e:5b:a0:cb:91:28:d6:62:d5:40:c8:6a:fd:
dd:27:4d:db:36:5c:09:08:87:b3:70:48:e7:cc:0a:
63:d1:86:d1:56:14:a1:0b:fa:5a:83:b7:87:8b:ff:
28:3d:68:1b:e5:8a:9b:69:e0:dc:71:49:d7:29:0d:
6c:db:95:40:3c:cc:2e:5d:b5:a1:99:b5:56:37:d5:
dc:7d:e4:31:34:af:ea:f5:50:46:25:69:04:d2:3b:
39:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
47.8.0.0/15
47.11.0.0/16
47.15.0.0/16
47.29.0.0-47.31.255.255
47.247.0.0/16
130.26.0.0/16
132.154.0.0/16
136.232.0.0/15
137.97.0.0/16
139.167.0.0/16
152.56.0.0/14
157.32.0.0-157.51.255.255
169.149.0.0/16
205.253.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:05:52:d8:a0:b2:0a:60:91:1c:e6:12:d7:62:e0:91:9d:3d:
f2:80:21:b8:53:50:90:e2:14:5f:b5:8b:1c:d0:2e:d4:25:8a:
bc:78:f3:9a:56:d2:90:05:39:b2:2d:fa:ad:ef:b6:cd:bd:e6:
ab:92:d4:63:fb:d0:1b:5f:3c:a0:5a:42:29:c5:04:a9:44:9d:
f6:62:05:36:03:d1:19:63:ef:cd:98:40:07:b0:f8:ce:a7:4d:
d8:53:95:65:16:94:11:65:53:56:08:42:4b:45:74:ee:2b:ed:
b9:38:68:a5:21:73:7d:e5:90:ea:b4:c5:c5:cb:f5:3f:46:5a:
65:00:c6:03:be:92:30:86:9f:98:09:aa:47:2a:4d:34:e4:4d:
dd:28:ac:7a:08:64:f8:c1:f9:1a:a5:3a:86:c8:92:df:98:50:
15:4e:52:a3:1d:14:1b:b1:2b:34:4d:bc:f8:cc:3f:97:96:38:
6b:4d:c6:08:e8:5d:20:7c:38:49:9d:99:a0:42:65:0b:31:ac:
8a:3e:e2:2a:cb:ad:7c:9c:3a:5b:f9:8b:29:81:c5:1c:14:ae:
b8:0b:91:f4:0c:2b:da:87:05:9a:1e:c4:7d:48:b1:08:e9:48:
00:5e:a6:cd:da:0a:26:59:65:28:3b:27:15:08:64:f4:9c:7e:
6c:8f:75:78
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgICTwYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMxMTMwMTkzNzE5WhcNMjUwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE2MjBFMDExMC8GA1UEBRMoNzRFNUJCOUI2RDNDQzdGOEMyOUE4M0JE
Qzg0OTJCOTY1OUYwRUUxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOZea5zUx2EV/nABCsriCwXceoQBM9dgcOEjKQ/7btN81p//3WSSUhF+rmvhP11w
+Tr7hWCKUoTxztvZQ+e8mV0WmB9eXjbTI/43/ed20RSVyofrRTQNP4CazjKNI0ku
6o59VlJ7MN2p+kohHV9lAKfGFBEWKdf0UOuDCg/k1+WhcgBb+RZf5/c0ziNcckJm
rmC+Di80s/NdIEeVLW985QrhyBUyF11eW6DLkSjWYtVAyGr93SdN2zZcCQiHs3BI
58wKY9GG0VYUoQv6WoO3h4v/KD1oG+WKm2ng3HFJ1ykNbNuVQDzMLl21oZm1VjfV
3H3kMTSv6vVQRiVpBNI7OUkCAwEAAaOCA0EwggM9MB0GA1UdDgQWBBR05bubbTzH
+MKag73ISSuWWfDuFzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIwRTAvRDk2NEI0ODIzMTBFMTFFQTlDM0NFNzJGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTYyMEUwL0Q5NjRCNDgyMzEwRTExRUE5QzNDRTcyRkM0RjlBRTAyL2RPVzdtMjA4
eF9qQ21vTzl5RWtybGxudzdoYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBtBggrBgEFBQcBBwEB/wReMFww
WgQCAAEwVAMDAS8IAwMALwsDAwAvDzAKAwMALx0DAwUvAAMDAC/3AwMAghoDAwCE
mgMDAYjoAwMAiWEDAwCLpwMDApg4MAoDAwWdIAMDAp0wAwMAqZUDAwDN/TANBgkq
hkiG9w0BAQsFAAOCAQEAegVS2KCyCmCRHOYS12LgkZ098oAhuFNQkOIUX7WLHNAu
1CWKvHjzmlbSkAU5si36re+2zb3mq5LUY/vQG188oFpCKcUEqUSd9mIFNgPRGWPv
zZhAB7D4zqdN2FOVZRaUEWVTVghCS0V07ivtuThopSFzfeWQ6rTFxcv1P0ZaZQDG
A76SMIafmAmqRypNNORN3Siseghk+MH5GqU6hsiS35hQFU5Sox0UG7ErNE28+Mw/
l5Y4a03GCOhdIHw4SZ2ZoEJlCzGsij7iKsutfJw6W/mLKYHFHBSuuAuR9Awr2ocF
mh7EfUixCOlIAF6mzdoKJlllKDsnFQhk9Jx+bI91eA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:40 2024 by rpki-client on console-ams.rpki-client.org